Sunday, March 11, 2012

Content spoofing is a rarely discussed topic and is unfamiliar to many of us. So let's evaluate the concepts of content spoofing in detail:

- Content spoofing is categorized as an attack technique in which the attacker is able to inject malicious code or a payload into the legitimate content of a web site or web application.

- This malicious payload or code is then mistaken for the legitimate content of that web site or web application.

- Content spoofing usually affects web pages that have been built dynamically.

- Text-only content spoofing is the technique in which the payload, usually text, is passed into the body of the web page or application as a query string value.

- This approach usually takes effect on web site pages that display news entries and on error pages.

- Such content is then posted on the web site as its legitimate content.

- So when users visit that particular link, they perceive the spoofed content as legitimate content.

- In some cases the payload may remain on the web page for longer than estimated.

- Most web pages are built dynamically from HTML (HyperText Markup Language) sources.

- The attacker can easily change the content, and when the web page is accessed by a browser, the location shows the same domain the user expected, so the user does not realize that the content is not legitimate but disguised.

- As this alone is not enough to harm a web site, some attackers even manage to send malicious links to users through emails and messages.

- In some cases the malicious links can be forced upon users following a cross-site scripting attack.

- When the user clicks that link, he/she visits the web page designed by the attacker with the malicious URL (uniform resource locator).

- The user will not realize that he/she is actually viewing an unauthentic web page.

- They will unknowingly believe that the spoofed content they are viewing is authentic, but this is not the case.

- Content spoofing does nothing but spoil the trust that the user has in the web site.

- The technique of content spoofing is widely used to create fake web sites, including fake login pages, press releases and defacements.

- Another point to note is that if you can fall victim to a cross-site scripting attack, chances are that you may fall prey to content spoofing attacks as well.

- Content spoofing is a type of exploitation used by hackers with malicious intentions, such as presenting certain web pages to the user as if they were legitimate and not from an external source.

- This is somewhat similar to SQL injection attacks. In both cases the victims are defrauded, as in phishing.

- Some attackers can even access the database of a web application stored on a server and alter its contents.

- Content spoofing cannot be readily detected since there is no large apparent difference between the actual and the spoofed content.

- Content spoofing carried out with the help of dynamic HyperText Markup Language (DHTML) is considered the most dangerous type, since it can be used to form fake login pages.

- When a user enters sensitive data (such as a password or credit card number) on that page, the data goes directly to the attacker, without the user knowing that he has fallen victim to identity theft.
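
The text-only case described above (a query string value shown in the body of an error page) can be seen in the following added example, which is not code from the original post. It sets a reflected error page beside a hardened one; the `msg` and `code` parameter names, the function names and the sample URL are assumptions made for illustration.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Fixed, server-owned messages; a request can only select one by code.
ERROR_MESSAGES = {
    "404": "The page you requested was not found.",
    "403": "You do not have permission to view this page.",
}
DEFAULT_MESSAGE = "An unexpected error occurred."


def _param(url, name):
    """Return the first value of a query-string parameter, or ''."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_error_reflected(url):
    """Weak form: the page body is whatever text the 'msg' parameter carries.

    html.escape() blocks markup and script injection, but plain text from
    the link still appears as if the site itself had written it.
    """
    return "<h1>Error</h1><p>" + html.escape(_param(url, "msg")) + "</p>"


def render_error_fixed(url):
    """Hardened form: the query string only picks a code from an allowlist."""
    message = ERROR_MESSAGES.get(_param(url, "code"), DEFAULT_MESSAGE)
    return "<h1>Error</h1><p>" + html.escape(message) + "</p>"


# Constructed sample link (hypothetical host under the reserved .invalid TLD).
SPOOFED = ("https://shop.example.invalid/error?code=404"
           "&msg=Our+site+has+moved+to+a+new+address.")

if __name__ == "__main__":
    print(render_error_reflected(SPOOFED))  # link-supplied text in the body
    print(render_error_fixed(SPOOFED))      # only the site's own wording
```

Escaping output is still needed to stop script injection, but only the allowlist keeps link-supplied text out of the page.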